Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

“Whereas your account on the host is available and automatically granted access to all machines, fileshares and services on the active directory network. If it got admin rights, then you've got admin pretty much everywhere.”

Nonsense. You can have local admin rights that work only on one machine.



Nonsense, there are endless ways to escalate and pivot once you get local admin.

That being said, there are indeed restrictions that can and should be set on admin rights. Not that IT would know about it or that it would limit pivoting much.


"Nonsense, there are endless ways to escalate and pivot once you get local admin."

Why not report your findings to Microsoft and get your bug bounty payout?

And if this is true, wouldn't they also just do that from inside the VM?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: